Changing critical addresses in contracts should be a two-step process where the first transaction (from the old/current address) registers the new address (i.e. grants ownership) and the second transaction (from the new address) replaces the old address with the new one (i.e. claims ownership).
This gives an opportunity to recover from incorrect addresses mistakenly used in the first step. If not, contract functionality might become inaccessible. (see here and here)
- Critical Addresses Change Value
- Single-Step Change
- Error -> Contract Locked
- Two-step Change
- Grant/Approve + Claim
- Error Recovery
- Risk Mitigation